All:
The CVE web site has now been updated to include candidates. We have
accompanied this update with a press release that highlights our
accomplishments since the original announcement in September. Thanks
to everyone for all the work! We've done a lot in these last few
months.
Now that candidates are public, advisory producers such as CERTs or
security vendors may contact me to obtain candidate numbers for new
vulnerabilities or exposures that they will announce in their
advisories. A PGP key is available if you require encrypted
communications.
Semi-weekly updates of the most recent candidates will continue. We
are also working with various organizations to have them help serve as
a "data feed" to ensure that we have broad coverage of newly
discovered security problems.
One of the next steps will be to begin a new wave of legacy
candidates. This will include another round where Board members send
in large sets of submissions, like we did in November/December. I
will make this request in the next week or two, once we are certain
that everything is going smoothly with respect to public candidates.
- Steve